Accountability and B2B - Cyber Security Informer

The noodle soup of B2B IAM and third-party identities

Thales Cloud Protection & Licensing

FEBRUARY 25, 2025

The noodle soup of B2B IAM and third-party identities madhav Wed, 02/26/2025 - 07:29 Introduction: A messy bowl of terminology Identity management is no longer just about employees. B2B IAM The Hidden Value of Third-Party Identities. So why is B2B IAM such a tangled mess of terminology, and does it really matter?

B2B

B2B Risk Authentication Digital transformation

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

A recent report, B2B IAM – The Hidden Value of Third-Party Identities , indicates that external identities outnumber traditional employees by nearly two to one. While conventional “internal” employees account for 29% of identities, non-employees or “external identities” in aggregate (contractors, vendors, etc.)

B2B

B2B Cybersecurity Risk Identity Theft

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

It's the old "data is the new oil" analogy that recognises how valuable our info is, and as such, there's a market for it.

Data breaches

Data breaches Passwords B2B Technology

How B2B IAM helps build business agility

Thales Cloud Protection & Licensing

SEPTEMBER 16, 2024

How B2B IAM helps build business agility madhav Tue, 09/17/2024 - 04:25 In today’s interconnected business environment, the spotlight often shines on security, especially as organizations face increasing risks tied to human error. Effective business-to-business (B2B) relationships are essential for achieving operational agility.

B2B

B2B Marketing Manufacturing Passwords

The Unattributable "Lead Hunter" Data Breach

Troy Hunt

JUNE 3, 2020

Not only would it be a hugely laborious exercise, there's also the question of whether I'm providing data to the actual owner of it and in an era of an untold number of account compromises every single day, no, just controlling the associated email address isn't proof of ownership.

Data breaches

Data breaches B2B Marketing Accountability

B2B IAM in Agricultural Machinery: Building a Seamless and Secure Future for Manufacturers

Thales Cloud Protection & Licensing

SEPTEMBER 10, 2024

B2B IAM in Agricultural Machinery: Building a Seamless and Secure Future for Manufacturers madhav Tue, 09/10/2024 - 07:01 As global food demand continues to rise, agricultural machinery manufacturers face growing pressure to modernise and adopt sustainable practices.

B2B

B2B Manufacturing Marketing Data collection

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

The Last Watchdog

OCTOBER 3, 2019

Started by infosec professionals, Peerlyst takes the characteristics of B2B communications we’ve become accustomed to on Twitter and LinkedIn and directs it toward cybersecurity. You can do so by submitting an email address or log in with your LinkedIn account. I’m honored to be included. It’s easy to participate on Peerlyst.

InfoSec

InfoSec B2B Cybersecurity Cyber Risk

Try like consumer, buy like enterprise?—?18 months of a B2B product led journey!

Security Boulevard

AUGUST 25, 2021

18 months of a B2B product led journey! Doing a product led journey in B2B startup is building two products with money allocated to build one. PS: If you want to experience ShiftLeft latest product experience, register for a free account. B2B is not B2C. 18 months of a B2B product led journey! For example?—?B2C

B2B

B2B B2C Marketing Accountability

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

It is astounding that billions of online accounts have been breached over the past 18 years and that US consumer accounts are by far the most compromised. accounts have been breached so far. More than two thirds of American accounts are leaked with the password, putting breached users in danger of account takeover.

VPN

VPN Data breaches Internet Internet

Q&A: How your typing and screen swiping nuances can verify your identity

The Last Watchdog

AUGUST 6, 2018

Compromised accounts came into play in data breaches of Uber, Tesla, Gemalto, Aviva, Equifax and many others. And with “digital transformation” accelerating, there are so many more weakly-secured login accounts just waiting to be maliciously manipulated. Curcio: First and foremost, all privileged accounts should leverage MFA.

Digital transformation

Digital transformation Passwords Data breaches Authentication

News alert: Memcyco report reveals only 6% of brands can stop digital impersonation fraud

The Last Watchdog

MAY 21, 2024

The creation of fake websites used for phishing-related attacks (which are a top cause of account takeover (ATO)) is a growing problem that has earned cybercriminals an astonishing $1 billion+ in 2023 alone, according to data from the U.S. Federal Trade Commission. That’s more than three times the amount reported stolen in 2020.

Scams

Scams B2C B2B Media

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

The Last Watchdog

JANUARY 17, 2022

When it comes to sales targets there is a correlation between increased sales to shareholder value creation, but closing sales in B2B transactions can be time consuming. Accountability for software security often falls under the Chief Information Security Officer (CISO). Leading indicators provide a shorter feedback loop.

CISO

CISO Software B2B Marketing

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

Your ability to comply with partner’s or B2B customer’s security requirements will be critical. Identify clear lines of accountability to help make it transparent as to who is responsible for what, making it clear how each person on the team contributes to the program’s success. What are some basic first steps?

Cybersecurity

Cybersecurity CISO B2B Risk

What’s wrong with automotive mobile apps?

SecureList

MAY 25, 2022

An analysis of these descriptions showed that more than half the applications fail to mention that they use the owner’s account with the automaker’s native service. And a B2B provider provides universal solutions that are capable of interacting with multiple automakers and facilitates their work, becoming an intermediate link.

Mobile

Mobile B2B Manufacturing Passwords

Seven things to considering Account-Based Marketing– My Thales ABM Journey

Thales Cloud Protection & Licensing

AUGUST 3, 2022

Seven things to considering Account-Based Marketing– My Thales ABM Journey. Back in March, as I was getting ready to come back from maternity leave, I was offered the chance to embark on a new and exciting career journey: piloting Account-Based Marketing for the Thales CPL EMEA region. No cold calls ” and “ ABM is B2B ”).

Marketing

Marketing Accountability B2B Engineering

AccorHotels subsidiary Gekko Group exposes hotels and travelers data in massive data leak

Security Affairs

NOVEMBER 22, 2019

Gekko Group is a leading European B2B hotel booking platform that also owns smaller hospitality brands, including Teldar Travel & Infinite Hotel. Security experts from vpnMentor discovered that Gekko Group, an AccorHotels subsidiary, exposes hotels and travelers in a massive data leak. of guests, room types, etc.),

B2B

B2B Advertising Accountability Passwords

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

JANUARY 25, 2021

SolarWinds and Mimecast are long-established, well-respected B2B suppliers of essential business software embedded far-and-wide in company networks. The more vendors your company leverages, theoretically the more attack surface you have to account for. Related: Digital certificates destined to play key role in securing DX.

Hacking

Hacking B2B Authentication Software

5 Ways CIAM Enables Effective, Secure Business Partner Identity Management

Thales Cloud Protection & Licensing

MAY 1, 2023

CIAM secures and streamlines Business-to-Business (B2B) relationships and allows you to easily connect and protect your entire B2B ecosystem, empowering you to: 1. Save on operational costs from managing remote accounts by delegating their administration to your business partners with the aid of thorough audit trails.

B2B

B2B Banking Accountability Technology

5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

NOVEMBER 22, 2022

And as these businesses work towards building robust security strategies, it’s vital that they account for various threat vectors and vulnerabilities. BOLA authorization flaws can lead to unauthorized viewing, modification or destruction of data, or even a full account takeover. Today, BOLA accounts for 40% of all API attacks.

Authentication

Authentication Accountability B2B Digital transformation

CLEANING UP THE CLUTTER (Pt. 5 of “Why Don’t You Go Dox Yourself?”)

Cisco Security

NOVEMBER 4, 2022

Previously in our Go Dox Yourself series, we walked through reviewing what information is available about you online, prioritizing those accounts that are most important or still active, and then restricting how much we share through those accounts and who gets to see it. SURVIVING THE WALKING DEAD (ACCOUNTS).

Accountability

Accountability Marketing B2B Media

NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets

The Last Watchdog

NOVEMBER 13, 2018

The nonstop intensity of these attacks is vividly illustrated by the fact that malicious bot communications now account for one-third of total Internet traffic. One of the most intensive uses of criminal botnets is account takeovers. Thus, what we’re experiencing today is the blossoming of B2B and B2C commerce transacted digitally.

Digital transformation

Digital transformation Mobile B2C Internet

Magento Attacked Through Card Skimming Exploit

Security Affairs

APRIL 6, 2019

For instance, it patches a dangerous hole in the store that allows hackers to gain admin control over any Magento 2 admin account they can get their hands on. Ten leaked cards and a $5,000 fine will be dwarfed by 200 leaked cards and a $200,000+ fine (and a suspended merchant account!). Skimming the Cream off the E-Commerce Stores.

B2B

B2B Accountability Advertising Hacking

ChatGPT at work: how chatbots help employees, but threaten business

SecureList

OCTOBER 13, 2023

The user creates an account and gains access to the bot. Account hacking. Account security is always a priority issue. It is quite possible for attackers to gain access to employee accounts — and the data in them — for example, through phishing attacks or credential stuffing.

Accountability

Accountability B2B Risk Hacking

Insider Threat: Employees indicted for stealing $88 million of license keys

Malwarebytes

JULY 4, 2022

Avaya is a business-to-business (B2B) communications company catering to small- and medium-sized businesses. Pearce also hijacked accounts of former Avaya employees to generate more license keys and draw suspicion away from him. Dani Pearce allegedly took the accountant and financial manager role in their illegal business operation.

B2B

B2B Accountability Software Risk

Help Your Security Team Sleep Better at Night by Reducing False Positives

CyberSecurity Insiders

APRIL 9, 2021

You are likely using Web APIs to support both B2B communication and the mobile applications that users increasingly rely on in lieu of a traditional web browser. And bot networks aren’t just for DDoS anymore – threat actors increasingly deploy them for data mining, account takeover, digital ad fraud, and transaction fraud.

B2B

B2B Mobile Internet Internet

Access Control: The 5 Single Sign-On Benefits

IT Security Guru

JUNE 30, 2021

In other words, users sign in to one account, one single time, and automatically gain access to multiple applications. Supports Business to Business (B2B), Business to Consumer (B2C) and Business to Employee (B2E) activities (e.g., provisioning and de-provisioning a single account). fewer requests to reset passwords).

Password Management

Password Management Passwords VPN B2C

Global CRM Provider Exposed Millions of Clients’ Files Online

Security Affairs

OCTOBER 5, 2023

Researcher discovered that global B2B CRM provider Really Simple Systems exposed online a non-password-protected database with million records. Upon further research, records indicated that the database belonged to global B2B CRM provider Really Simple Systems.

Data breaches

Data breaches B2B Education Identity Theft

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Last Watchdog

OCTOBER 15, 2019

The hitch, of course, is that password-enabled account logins are too deeply engrained in legacy network infrastructure. Just ask Twitter CEO Jack Dorsey, whose Twitter account was hijacked this summer in what’s known as a “SIM-swap” hack. So what’s stopping us from getting rid of passwords altogether?

Passwords

Passwords Authentication Data breaches Internet

IAM Predictions for 2025: Identity as the Linchpin of Business Resilience

Thales Cloud Protection & Licensing

DECEMBER 18, 2024

Security leaders will tackle B2B identities Enterprises, both public and private, are working far more with third partiesfrom suppliers to contractors to corporate customers and more. However, these tools also lead to ever more realistic identity fakes that fraudulently open new accounts.

B2B

B2B Data privacy Financial Services Banking

Using social media as a tool to share knowledge on day-to-day Cybersecurity risks

CyberSecurity Insiders

JUNE 8, 2023

When most people think about social media and cybersecurity, they typically think about hackers taking over Instagram accounts or Facebook Messenger scammers taking private information. The Identity Theft Resource Center’s 2022 Consumer Impact Report revealed that social media account takeovers have grown by 1,000% in one year.

Media

Media Risk Cybersecurity Education

Dodging the Cyber Bullet: Early Signs of a Ransomware Attack

IT Security Guru

AUGUST 19, 2024

Lateral phishing emails from within a business’s domain indicate a successful account takeover, allowing bad actors to target additional accounts and sensitive data. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre.

Ransomware

Ransomware Backups Social Engineering Manufacturing

The Four Keys to Achieving an Optimal Application Experience

CyberSecurity Insiders

JANUARY 6, 2023

Network visibility accounts for the information of everyone who interacts with your servers––from their IP address and protocol to the amount of time they’ve spent on your network. He is an accomplished marketing leader with over 20 years of experience in enterprise software, SaaS, services, and technical B2B marketing.

Marketing

Marketing B2B Surveillance Risk

How cybercrime is impacting SMBs in 2023

SecureList

JUNE 26, 2023

Below is a brief description of the most popular types of threats that SMB employees encountered in January–May 2023: Exploits The biggest threat to SMBs in the first five months of 2023 were exploits , which accounted for 483,980 detections. If an employee enters their credentials, the scammers get access to their account.

Cybercrime

Cybercrime Phishing Banking Malware

Data Breach: Millions of Phone Numbers, Recordings, and Call Logs Compromised in Ringostat Data Leak

Security Affairs

MARCH 3, 2021

Identity Theft: Leaked personally identifiable information (PIIs) can be used to access accounts on other websites, leading to further information leaks and outright identity theft. As Ringostat is B2B (business-to-business), end users would not know if their data was leaked unless a service informed them.

Data breaches

Data breaches Identity Theft Phishing B2B

1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

Security Affairs

SEPTEMBER 1, 2022

The researchers also provided details about some case studies, such as an unnamed B2B company offering an intranet and communication platform that also provided a mobile software development kit (SDK) to its customers. The issue could allow a third party to achieve full read/write root account credentials. . Pierluigi Paganini.

B2B

B2B Banking Authentication Mobile

The Impact of Remote Work and Cloud Migrations on Security Perimeters

Security Affairs

MAY 27, 2024

Different industries and regions have specific regulatory requirements, such as the General Data Protection Regulation (GDPR) for data protection in the EU, the Health Insurance Portability and Accountability Act (HIPAA) for healthcare information in the US, and the Payment Card Industry Data Security Standard (PCI-DSS) for credit card information.

Cloud Migration

Cloud Migration B2B Data breaches Digital transformation

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

IT Security Guru

AUGUST 7, 2024

Ongoing User Authentication : To maintain the security of customer accounts and prevent unauthorised access, CIAM platforms employ advanced authentication mechanisms, such as session management and behavioural analytics, to continuously monitor user activity and detect suspicious behaviour.

Insurance

Insurance Data collection Authentication Technology

Kaseya Breach Underscores Vulnerability of IT Management Tools

eSecurity Planet

JULY 6, 2021

Like SolarWinds, both companies serve large B2B audiences, where Kaseya’s products produce hundreds of end products and services. Some threat groups promote a moral code of conduct, but there’s little evidence to prove actors are held accountable for misuse like targeting critical infrastructure, nonprofit, and public organizations.

Ransomware

Ransomware Software B2B System Administration

IAM Predictions for 2025: Identity as the Linchpin of Business Resilience

Security Boulevard

DECEMBER 18, 2024

Security leaders will tackle B2B identities Enterprises, both public and private, are working far more with third partiesfrom suppliers to contractors to corporate customers and more. However, these tools also lead to ever more realistic identity fakes that fraudulently open new accounts.

B2B

B2B Data privacy Financial Services Banking

Don’t Drown your Security Team in Low-Value WAF Alerts

CyberSecurity Insiders

APRIL 6, 2021

Web APIs are increasingly used to support both B2B communication and the mobile applications that users increasingly rely on in lieu of a traditional web browser. And threat actors are using increasingly sophisticated bot networks not just for DDoS attacks, but for data mining, account takeover, digital ad fraud, and transaction fraud.

B2B

B2B Mobile Internet Internet

Taking Control Online: Ensuring Awareness of Data Usage and Consent

Security Affairs

SEPTEMBER 17, 2024

The Thales research showed that more than half (55%) demand to know when and how their data is collected, whether through website cookies, user accounts, or other tracking mechanisms. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centers.

Data collection

Data collection Data privacy B2B Digital transformation

The Evolution of API: From Commerce to Cloud

Security Affairs

AUGUST 11, 2023

On the other hand, the constant evolution of APIs makes documentation challenging, and security measures don’t always account for the right factors. About the author : Ali Cameron is a content marketer that specializes in the cybersecurity and B2B SaaS space.

B2B

B2B Internet Internet Marketing

Explaining User and Entity Behavior Analytics: Enhanced Cybersecurity Through UEBA

CyberSecurity Insiders

APRIL 27, 2022

Make sure to look for B2B loyalty programs that offer data-driven insights in addition to the security aspect of UEBA. . Detect compromised accounts. UEBA is the perfect tool for detecting hacked employee accounts, as it is almost impossible for hackers to emulate the usual behavior of the account owner.

Cybersecurity

Cybersecurity Threat Detection Marketing B2B

Multi-Factor Authentication Best Practices & Solutions

eSecurity Planet

OCTOBER 5, 2021

In fact, 62 percent of professionals admitted to sharing passwords over text messages or email and 46 percent said their company shares passwords for accounts used by multiple people. One way attackers have started to circumvent MFA is by calling victims and convincing them that someone has hacked their account. Passwordless access.

Authentication

Authentication Passwords Mobile Accountability

The noodle soup of B2B IAM and third-party identities

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Trending Sources

Inside the DemandScience by Pure Incubation Data Breach

How B2B IAM helps build business agility

The Unattributable "Lead Hunter" Data Breach

B2B IAM in Agricultural Machinery: Building a Seamless and Secure Future for Manufacturers

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

Try like consumer, buy like enterprise?—?18 months of a B2B product led journey!

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

Q&A: How your typing and screen swiping nuances can verify your identity

News alert: Memcyco report reveals only 6% of brands can stop digital impersonation fraud

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

What’s wrong with automotive mobile apps?

Seven things to considering Account-Based Marketing– My Thales ABM Journey

AccorHotels subsidiary Gekko Group exposes hotels and travelers data in massive data leak

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

5 Ways CIAM Enables Effective, Secure Business Partner Identity Management

5 API Vulnerabilities That Get Exploited by Criminals

CLEANING UP THE CLUTTER (Pt. 5 of “Why Don’t You Go Dox Yourself?”)

NEW TECH: Cequence Security launches platform to shield apps, APIs from malicious botnets

Magento Attacked Through Card Skimming Exploit

ChatGPT at work: how chatbots help employees, but threaten business

Insider Threat: Employees indicted for stealing $88 million of license keys

Help Your Security Team Sleep Better at Night by Reducing False Positives

Access Control: The 5 Single Sign-On Benefits

Global CRM Provider Exposed Millions of Clients’ Files Online

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

IAM Predictions for 2025: Identity as the Linchpin of Business Resilience

Using social media as a tool to share knowledge on day-to-day Cybersecurity risks

Dodging the Cyber Bullet: Early Signs of a Ransomware Attack

The Four Keys to Achieving an Optimal Application Experience

How cybercrime is impacting SMBs in 2023

Data Breach: Millions of Phone Numbers, Recordings, and Call Logs Compromised in Ringostat Data Leak

1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

The Impact of Remote Work and Cloud Migrations on Security Perimeters

Masterclass in CIAM for Insurance: Balancing Security, Experience, and Consent

Kaseya Breach Underscores Vulnerability of IT Management Tools

IAM Predictions for 2025: Identity as the Linchpin of Business Resilience

Don’t Drown your Security Team in Low-Value WAF Alerts

Taking Control Online: Ensuring Awareness of Data Usage and Consent

The Evolution of API: From Commerce to Cloud

Explaining User and Entity Behavior Analytics: Enhanced Cybersecurity Through UEBA

Multi-Factor Authentication Best Practices & Solutions

Stay Connected